Skip to main content

Introduction

All servers provisioned on Laravel Forge are powered by an underlying server provider. The fastest way to get started is by using Laravel VPS as your server provider, which are Laravel managed servers. After subscribing to a Forge plan, you can immediately start provisioning Laravel VPS servers with zero additional configuration. Forge also allows you to link external server providers such as AWS or Hetzner so that you may create servers on those platforms. Server providers are configured and managed within the organization’s settings.

Supported providers

Laravel Forge supports the following cloud server providers:
If your preferred server provider is not supported by Laravel Forge, you may use Forge’s “Custom VPS” option to create your server. Custom VPS servers receive all of the same functionality as first-party supported server providers. Learn more

Managing server providers

Connecting server providers

To connect a server provider, navigate to the organization’s settings. Then, on the “Server providers” page, click “Add provider”. Select the provider you wish to connect to and authenticate your chosen account. It is possible to link any number of supported server provider accounts, including multiple accounts for the same provider.

DigitalOcean

To connect your DigitalOcean account, navigate to the Server providers page under the organization’s settings. Then, click Add provider. Select DigitalOcean, click Add provider, then click Login with DigitalOcean. Authenticate your account by following instructions provided by DigitalOcean. Once approved, Laravel Forge will create an OAuth credential, allowing it to access the necessary permissions needed in provisioning and managing your servers on your behalf.

AWS

In order to provision servers on AWS, you need to create a new IAM role. To get started, navigate to the IAM service on your AWS dashboard. Once you are in the IAM dashboard, you may select “Roles” from the left-side navigation panel and click the “Create Role” button. The process for creating the role is outlined in these steps:
  1. Choose “AWS account” as the trusted entity type, and select “Another AWS account.”
  2. Enter the “Laravel Forge AWS Account” from the Forge dashboard, then click “Next.”
  3. In the “Permissions policies” section, select the AmazonEC2FullAccess and AmazonVPCFullAccess policies. Then, click “Next.”
  4. In the “Name, review, and create” section, provide a name and description for the role.
  5. Update the “Trust policy” under “Select trusted entities” by enabling the “Require external ID” checkbox and entering the “AWS External ID” shown in the Laravel Forge dashboard.
  6. Complete the process by creating the role.
  7. Copy the role ARN displayed in the AWS dashboard and add it to your AWS credentials in Laravel Forge.
There are a few requirements you should review to ensure Laravel Forge works correctly with your linked AWS account:
  • If you are using an existing VPC, the subnet must be configured to auto-assign public IP addresses.
  • If you are using an existing VPC, the default security group must allow Laravel Forge to SSH into the server. Here is an example:
TypeProtocolPort RangeSourceDescription
HTTPTCP80Custom0.0.0.0/0
HTTPTCP80Custom::/0
SSHTCP22CustomYOUR_IP_ADDRESS/32SSH from your IP
SSHTCP22Custom159.203.150.232/32SSH from Laravel Forge
SSHTCP22Custom159.203.150.216/32SSH from Laravel Forge
SSHTCP22Custom45.55.124.124/32SSH from Laravel Forge
SSHTCP22Custom165.227.248.218/32SSH from Laravel Forge
HTTPSTCP443Custom0.0.0.0/0
HTTPSTCP443Custom::/0

AWS service limits

AWS Service Limits can be increased through the following options:
  1. Open the Service Quotas console.
  2. In the navigation pane, choose AWS services.
  3. Select a service.
  4. Select a quota.
  5. Follow the directions to request a quota increase.
  • If a service is not yet available in Service Quotas, use the AWS Support Center Console to create a service quota increase case.
  • If the service is available in Service Quotas, AWS recommends that you use the Service Quotas console instead of creating a support case.
For additional information, refer to the following AWS documentation:

Akamai

To connect your Akamai account, navigate to the Server providers page under the organization’s settings. Then, click Add provider. Select Akamai, click Add provider. Once you have provided a Profile name and API key, click Add provider. Laravel Forge will verify that it is able to access your account. When creating a new Akamai Cloud API token for your Akamai account, Akamai will ask you to select which permissions are needed by the token. You will need to select the following permissions:
  • Linodes - Read/Write
  • IPs - Read/Write
In addition, you may wish to set the token to never expire.

Vultr API access

The Vultr server provider requires you to add the Laravel Forge IP addresses to an IP address allow list so that Forge can communicate with your servers. You should ensure that you do this before provisioning a Vultr server via Forge.

Hetzner Cloud API access

Hetzner API tokens are specific to a Hetzner Project. If you utilize Hetzner Projects, you should ensure that Laravel Forge has an API token for each Hetzner Project.

Bring your own server

Alongside supporting several first-party server providers, Laravel Forge also supports the ability to use your own custom server. To do so, select the Custom VPS option when creating a new server. In addition, you should review the following server requirements:
  • The server must be running a fresh installation of Ubuntu 22.04 or 24.04 x64.
  • The server must be accessible externally over the Internet.
  • The server must have root SSH access enabled.
  • The server requirements should meet the following criteria or more: 1 CPU Core with 1GHz, 1GB RAM, and 10GB Disk space.
  • The server must have curl installed.
  • Ensure that no firewall or security group is throttling requests to the server. Throttling SSH requests may cause provisioning to fail at the final stage.
  • Some server providers may modify the contents of /root/.ssh/authorized_keys. If this applies to your provider, ensure they allow Laravel Forge’s public key to access the server.
  • If you restrict SSH access by IP address, consult the Laravel Forge IP address documentation.
  • If you are protecting your internal network through Network Address Translation (NAT ) and you are mapping public SSH ports to different internal SSH ports, you may let Laravel Forge know about this by checking the This server is behind a NAT checkbox. This will show an extra input field, NAT SSH Port, that you can use to tell Forge about the SSH port to which SSH traffic is mapped. Forge will use this port to allow traffic into the server via ufw. If the internal SSH port is the same as the public SSH port, you may leave the NAT SSH Port field empty.
  • If you are protecting your server with an antivirus software, make sure it doesn’t interfere with Laravel Forge’s operations. Antivirus programs may sometimes cause unexpected behavior during provisioning of the server that might result in misconfigurations of database instances or other applications on the server.
Provisioning an existing server with existing configurations or applications may cause serious data loss.